1. LOL I've just downloaded literally whole internet and copyrighted books and put them through a neural network. Now I have this whole knowledge in my LLM.
2. Hey? Are you using my NN for training your NN? you're a thief!Instead the AI companies reached these absurd settlements with publishers that made a mockery out of all the previous copyright enforcement victims.
copyright law literally says something isn’t infringement if it is a novel transformation. I get the jokes and criticism about AI companies fighting and complaining about competitors distilling, but this is a much weirder comparison.
But Eisenhower was right:
> In the councils of government, we must guard against the acquisition of unwarranted influence, whether sought or unsought, by the military-industrial complex. The potential for the disastrous rise of misplaced power exists and will persist.
> Instead the AI companies reached these absurd settlements with publishers that made a mockery out of all the previous copyright enforcement victims.
Isn't that at least something? How many people pirating software ever settled with the companies they "victimized?"
This isn't even about a single person or personality. Very few people in such position could stand fast by their moral code. In any case, an environment that favors profit above everything will naturally select for individuals who are unencumbered by such hindrances.
There might've been 100s of Altmans and Amodeis who had a strong moral code but we don't know about them because they dropped out of the "race" because of said moral hurdles.
terrifying
I think appropriate attribution is a moral code, but I am not able to attribute every idea I have to all those who helped me develop the general intelligence that I use to develop such ideas.
Exactly. Dairy farms optimise for milk production so favour cows that produce the most milk.
The market economy optimises for profit so favours those most willing/able to generate it. Zuckerberg, Musk, Thiel, Andreesen and co are products of the system.
If you look at it with your eyes crossed, Anthropic and the chinese are doing the same thing.
If you look at it with nuance 1 the chinese are doing way worse stuff, and 2 stealing from a thief would still be stealing
1. The chinese are making multiple accounts (at least 49,000)[1][2], using proxies/VPNs, possibly using residential computers and infected computers (unless you think the chinese are doing due diligence to ensure their purchased IPs are kosher). All accounts need to be created with a real name, and especially so if the paid models need to be accessed and paid with a credit card. So this is beyond IP theft and getting closer to fraud. These are all techniques that are well studied because they are used by criminals and cybercriminals, textbook stuff. Consider if that was not sufficient, that China is banned from using the product, so they need to use identities and locations not just to avoid relating the accounts between themselves, but merely to allow account creation. What identities are they using to create accounts.
Compare this to Anthropic which reads notes made a deal in an IP theft case paying billions because they bought books and scanned them but buying the books wasn't sufficient retribution for the authors. Or that they gasp scanned the internet, like Google.
Not having nuance to see the difference between the two companies is something I expect of the twitter echo chamber copying hot takes for upvotes, not hacker news.
[1] https://arstechnica.com/tech-policy/2026/06/anthropic-claims... [2] https://www.anthropic.com/news/detecting-and-preventing-dist...
Anthropic seems to want to both own and eat its stolen cake.
> stealing from a thief would still be stealing
Stealing from a thief hurts thief industry which is a win for society.
> The chinese are making multiple accounts
Not a crime. AI companies also ignore robots.txt and applicable laws when illegally copying copyrighted material from websites to their servers without author permission.
It is likely that the US will get a live feed from each AI provider that they are inspecting in real time to identity things of interest, terrorist attacks or foreign government planning or even foreign companies competitive to key US companies.
It will give them access to the though process in those companies as well as much of their text-based IP (source code, docs, meeting transcripts, etc)
Also if you are using local AI that you didn’t train yourself you can never be sure it doesn’t have purposeful biases in its reasoning that may disadvantage you - such as directing you away from certain plans or ideas or patents etc.
If a token compresses to around a byte, worldwide AI input and output is around 1 gigabyte per second.
For any intelligence agency, they can afford to keep and store all of that forever, and later do analysis on it.
At the scale the AI companies are operating at, I think it isn't likely that they are sucking it all in right now.
More likely I think the intelligence agencies will get a real-time live tap into the raw data feed which they will process onsite for interesting things and then if things are flagged, they will log it in the intelligence agency systems.
The timezone fetch was to alter program behaviour at runtime, not to send arbitrary timezones for tracking reasons.
It was one way of detecting if it was a chinese person using the program and then behaving differently.
Malware behaves this way. STUXNET for example was wired to do nothing except propagate unless the environment had the right conditions.
[1]https://www.reddit.com/r/ClaudeAI/comments/1ujila1/anthropic...
> No! Don't install that lodash thing without explicit approval from IT. Oh, you want a license for Charles Proxy? Gee, I dunno... we've got a budget to maintain.
Employers in 2023:
> No! You can't use ChatGPT at work – it's a security risk.
Employers in 2024:
> Okay, you can use Github Copilot I guess, but you'll have to endure boring corporate training on what you're allowed to do with it.
Employers with dollar signs in their eyes in 2025:
> We attended a seminar about vibe coding. Why aren't you dumbasses keeping up with the times? Use Claude Code for everything! Don't write any of your own code anymore. We don't even really care if you use yolo mode. Just review code and push 10x more features! Use unlimited tokens! Money printer go brrrrr.
Employers in 2026:
> You mean giving one or two companies full autonomous access to our workstations while stupifying our engineers wasn't a sound business plan?
The confusing part to me is why these companies believed the "AGI" hype, I.E. that OpenAI or Claude's LLM is the ideal white collar slave.
I suppose I can understand that the executive class resents labor enough to make irrational business decisions for the purpose of insulting the workers who design and operate their companies.
That being said, the 2025 AI binge feels like a murder-suicide done by the executives of many of these companies.
Of-course USA is collecting everything, not just from China but everyone.
And same with every one else.
Many of the top AI researchers at western companies are from China, and many are returning.
And they constantly publish state of the art LLM research (see DS4 context compaction and cache tech).
They have very capable tech giants. So while not being able to distill western models would probably have some impact, it's probably becoming lesser as time passes.
We might even see Western LLMs distilling Chinese models soon. If they aren't already to some extent.
More than a year ago, when Anthropic and OpenAI started to hide the reasoning bits from the output, a lot of people here on HN predicted that Chinese models days were numbered.
Fast forward to today, and models such as DeepSeek and MiMo are nothing short of excellent. I haven't used GLM or Qwen but heard very good things about them as well.
This "massive distillation" sounds a lot like anxiety about how companies from outside the US can develop very good models themselves.
iproyal.com Oxylabs.io
https://krebsonsecurity.com/2025/10/aisuru-botnet-shifts-fro...
Workarounds aside, it says Claude Code not Claude.
i.e. they are using the CLI running any model. You can for instance run GLM with it.
Claude Code is neither and it is literally info stealing malware.
What's a "distillation attack"? How is it different from simply distillation?
use claude-code see how good it is send 100k bots to distill fable 5 (GLM 5.2 is the result of this) release Zcode ditch claude-code ban claude-code
When these tools first appeared the overwhelming conversation was about the risk of letting a remote tool siphon your code and intellectual property (where eventually they're going to add that to their training). Now everyone is using them, and that fear seems to have dissolved. Every corporation is sprinkled with Claude Code, Antigravity, Copilot, Codex, and so on. Even the long fear-mongered Chinese providers are being heavily used in many spaces.
In this case this is a PR battle between two firms, and it isn't much more. And Alibaba isn't worried about the "proprietary code" (the truth is that there is incredibly little interest in most orgs code), but that the tool is a backdoor, or at least that is the claim.
I think from a commercial perspective yes, but access to source code is very good for finding exploits which could be very valuable for governments. I could also see a future where companies are directly cyber-attacking competitors in hostile markets too...
Until the first big incident, yes.
Most services I know that are trying to block abuse do collect device info
Unlike the vast majority of people Anthropic stole from.
The issue is that by distilling Claude, Alibaba reuses the IP anthropic used to train the model that's more akin to historical Chinese reverse engineering methods and disrespect of IP
Also, you can't copyright AI outputs. So worst case they violated the ToS.
Why is this any worse than Anthropic's disrepect of IP? You've apparently drawn a distinction between the two here, but I'm failing to see what it actually is.
Fwiw, I think the concept of IP in general is counter to human progress.
In any case there's still a difference between publicly available copyrighted data and whether you can use it for model training, and the innovation around model training, RLHF, etc which you presumably have some interest as a country to allow companies to invest in with some legal protections (like the diff between patent law vs copyright law)
> disrespect of IP
Nobody other than Anthropic cares.
It absolutely is. That's textbook copyright infringement. Doing it for commercial purposes elevates it to criminal copyright infringement.
So?
Fraudsters don't want to be jailed, their victims don't want to be scammed, employees don't want to be laid off, etc.
What the target wants is irrelevant - what society wants as enforced by laws is what is relevant, and as the leading AI providers have demonstrated, simply grabbing other people's copyrighted stuff for learning purposes is perfectly fine!
If they already think this practice is fine, why would I believe that their concerns about this are real?
Some token settlement for an insignificant fraction of their revenue is not in any way a "sanction".
No that's not something. That's just having infinitely more money to fight legal battles.
The AI companies knew that and bet, correctly, that it would be worth the cost.
A courtesy. There was never any need to justify it.
> Isn't that at least something?
Yes, it's a joke. Why do they get to infringe copyrights with impunity while normal people get destroyed? Either go after them like the copyright industry always does and punish them properly, or abolish copyright straight up. This "rules for thee but not for me" nonsense is straight up disgusting.
> How many people pirating software ever settled with the companies they "victimized?"
Too many to list. Also, nobody is victimizing billion dollar corporations.
I mean, what is this? Their balls suddenly drop off? They only have the audacity to prosecute random people? Smaller companies? When they're up against trillion dollar AI companies they suddenly become cowards? That's so incredibly disgusting, and it made me completely lose even the small amount of respect for copyright that I had managed to rationalize over the years.
1. The copyright infringement of big corpos fully justifying my copyright infringement in the face of law
2. The copyright infringement of big corpos being prosecuted in the same exact way as my copyright infringement would.
There is really no middle ground.
As for your "technically not copyright infringement" defense. Those laws are from a time when those patterns couldnt be derived and dostributed at scale. A human had to learn and teach them. That made it different. The scale enabled my modern tech makes it a whole dofferent situation. The same way how one person standing a street corner people watching for a bit isnt that bad, but a whole constellation of flock cameras costantly montioring everyones movements and making it available to any of their customers is really really bad. The law will have to catch up to this
"Anthropic settles with authors in first-of-its-kind AI copyright infringement lawsuit" - https://www.npr.org/2025/09/05/nx-s1-5529404/anthropic-settl...
> However, the judge ruled that Anthropic's use of millions of pirated books to build its models – books that websites such as Library Genesis (LibGen) and Pirate Library Mirror (PiLiMi) copied without getting the authors' consent or giving them compensation – was not.
It seems clear from the article that while the use of pirated works was illegal, the use of copyrighted works (a the work a book is based on is still copyrighted if you buy the book) was fine and transformative.
Does that make my brain copyright infringement? Does Disney now own all my output forever because some small part of me now has Harry Potter embedded?
Somewhere between the two a line must be drawn… where we’d want to put that line, I guess, if up for quibbling. But it doesn’t seem obvious to me.
If you just ignore anything that's inconvenient for your argument, you can make any argument you want.
if you prompt it to, yes. just like your browser dutifully navigates to any copyright-infringing resource and GETs and POSTs whatever you ask of it.
(also it can't, not really, only small snippets before going off rails. LLMs aren't magic, they can't losslessly compress an exabyte of training data into a few terabytes of weights.)
If so, why do we still pay for games and movies?
this is an incorrect interpretation (in the usa, at least).
downloading a game/movie is still the creation of unauthorized copy, which is not allowed. not to mention that playing/watching does not count as a "novel transformation".
(17 U.S.C. § 106 and 17 U.S.C. § 501 are the relevant pieces of reading)
ISPs and trigger-happy law firms don't send you a C&D for downloading a torrent, they do so for seeding a torrent. It's just that practically nobody "just seeds" a torrent so people colloquially claim they got busted for downloading a torrent.
In theory this means if you torrent as a 100% leecher and turn off seeding from the get-go, you should be in the clear. But nobody sensible would dare test the extent of German Legal Spite, much less do so repeatedly to science the shit out of it.
If you can download through another protocol, say HTTP, however---<Sendung unterbrochen!>
The google books and google thumbnails cases have so far upheld that even mechanical reproductions are allowed, depending on the context/usage.
None of those are relevant factors when it comes to copyright law. You don't get a pass for copyright infringement just because you're not copying the entire work. Same goes for a copy that's transient. You can't set up a bootleg movie theater in your home, even if you delete the movie file afterwards, and there's no trace of the movie aside from the viewers' vague memories.